Photo of Tracy P. Marshall

Tracy Marshall assists clients with a range of business and regulatory matters.

In the business and transactional area, Ms. Marshall advises for-profit and non-profit clients on corporate organization, operations, and governance matters, and assists clients with structuring and negotiating a variety of transactions, including purchase and sale, marketing, outsourcing, and e-commerce agreements.

In the privacy, data security, and advertising areas, she helps clients comply with privacy, data security, and consumer protection laws, including laws governing telemarketing and commercial e-mail messages, contests and sweepstakes, endorsements and testimonials, marketing to children, and data breach notification. Ms. Marshall also helps clients establish best practices for collecting, storing, sharing, and disposing of data, and manage outsourcing arrangements and transborder data flows. In addition, she assists with drafting and implementing internal privacy, data security, and breach notification policies, as well as public privacy policies and website terms and conditions.

As to intellectual property matters, Ms. Marshall helps clients protect their copyrights and trademarks through registration, enforcement actions, and licensing agreements.

She also represents clients in proceedings before the Federal Communications Commission and Federal Trade Commission.

Ms. Marshall is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP) and a contributing author of the Consumer Protection Connection blog and Beyond Telecom Law Blog.

On April 29, 2021, the Federal Trade Commission (FTC) will host a virtual public workshop to examine the nature and effects of “dark patterns” on online user behavior. “Bringing Dark Patterns to Light: An FTC Workshop” is expected to explore ways in which user interfaces can have the effect, intentionally or unintentionally, of obscuring, subverting,

Tapjoy, Inc., the operator of a mobile advertising platform that appears in certain mobile gaming applications, has settled Federal Trade Commission (FTC) allegations that the company deceived consumers by failing to provide them with promised rewards. Tapjoy’s platform allows mobile app users to interact with third-party advertisers and gain rewards, such as virtual currency, for

Third-party service providers are vital to many companies and they handle a wide range of business activities essential for companies to deliver their own offerings. But a company is not adequately protecting consumers if it fails to perform proper due diligence on service providers and contractually require them to employ appropriate security measures to protect

Online opinions – and not just from celebrities – are big business. Consumer reviews can be highly influential in convincing other shoppers to buy a product. In fact, the founder and CEO of Sunday Riley Modern Skincare LLC (Sunday Riley Skincare) was so convinced about the power of those starred reviews on cosmetics chain Sephora’s

The EU-U.S. Privacy Shield Framework, which provided a mechanism to legally transfer personal information from the EU to the United States, was invalidated on July 16, 2020, but the Federal Trade Commission (FTC) has made it clear that companies that claimed to be participants must still make good on their word. A case in point

The Federal Trade Commission (FTC) recently announced settlements with two online companies for allegedly misleading customers about automatic membership renewal costs. On September 2, 2020, the FTC announced that Age of Learning, Inc., d/b/a ABCmouse, will pay $10 million to settle charges that the company enrolled thousands of consumers in a negative option scheme to

More than 160 million Americans play video games. Originally designed as single-use purchases for consoles or computers, video games are now downloadable, making them more accessible to consumers than ever. One important development for the video game industry has been the creation of “micro purchases” – in-game transactions such as “loot boxes” that players can

Protecting the online privacy of children by enforcing the Children’s Online Privacy Protection Act (COPPA) continues to be of paramount importance to federal and state regulators. In addition to the Federal Trade Commission (FTC), several state attorneys general (AGs) have brought COPPA actions recently, including the New Mexico and California AGs, and, most notably, the

A recent Federal Trade Commission (FTC) settlement with an online game company that allegedly tracked children illegally highlights some important questions, namely, how should the FTC assess the penalties it imposes for privacy violations, and what is the most effective way to both deter and punish companies for such violations?

The complaint in question was